Pages

Thursday, July 26, 2012

After being on the internet since 1995, yesterday was the first time I've ever been hacked -- at least that I know of.

Strange things started happening on Tuesday night. I got an email from Paypal saying that I sent a request to Skype for $100 with the message "Plz send me."

I contacted Paypal to let them know that I hadn't sent that request. Since their requests for payment don't have transaction IDs (that I can see, anyway), I wasn't able to report the exact transaction.

Yesterday at 1PM I got an email from Skype telling me that I had changed my email address to vvaridtel@gmail.com.

I immediately got on my phone and tried to surf over to Skype.com to inform them than I'd been compromised. Unfortunately, Skype.com kept trying to resolve to m.skype.com and I was getting a nice blank white page when I went there. (Still happening today).

I couldn't get to Skype.com from my PC at work since it's been flagged as an improper URL. To say that security at my job is tight is an understatement. As of Monday a "security hole" was closed so that I can't copy any files off of my computer to any external device. Forget about synching my iTunes to my phone anymore.

Eventually I found a URL for the Skype help chat page and, amazingly, it wasn't blocked. I was able to get on with a customer representative where we had a painfully slow chat to basically prove who I was and change the password on my account. That's it. No investigation of how this happened. No reinstatement of the money this person spent calling all over the place.

During this hour-long conversation with Skype, I got a tweet from a friend who informed me of the strange conversation he was having with "me." Here it is for your amusement.

Luckily, I was able to get into Skype on my phone via another way and saw that phone calls had been made that day to Bahrain, United Arab Emirates, Pakistan, Saudi Arabia, and Kuwait. I found out today that these calls had actually been going on since June 30 with most calls lasting 0.00 seconds(?). There had been 425 calls made between June 30 and July 25. I thought that my money was going quickly on Skype but didn't realize just how fast... or why.

Here are the top twenty charges that this person (or persons) made:

Date

Number

Country

Length

Cost

7/24/12 13:31

966591613770

Saudi Arabia

18:13

5.190

7/24/12 13:33

966508967921

Saudi Arabia

15:19

4.380

7/24/12 13:33

97334070038

Bahrain

15:59

4.170

7/15/12 14:31

923138490997

Pakistan

27:47

4.150

7/24/12 13:19

96566575864

Kuwait

29:28

4.050

7/25/12 3:26

971507137127

United Arab Emirates

11:28

3.390

7/24/12 13:22

97333917176

Bahrain

10:44

2.900

6/30/12 18:13

923212212615

Pakistan

11:36

1.830

7/25/12 3:15

971507137127

United Arab Emirates

5:54

1.740

7/1/12 16:21

923347885036

Pakistan

10:14

1.690

6/30/12 16:40

923312016458

Pakistan

10:23

1.690

7/16/12 10:48

923005050123

Pakistan

7:53

1.250

7/25/12 3:40

971507137127

United Arab Emirates

3:22

1.190

7/24/12 13:12

96566575864

Kuwait

7:01

1.150

7/3/12 11:44

923312016458

Pakistan

6:25

1.110

7/2/12 14:48

923013994747

Pakistan

6:10

1.110

6/30/12 17:39

923158797225

Pakistan

5:24

0.960

6/30/12 16:52

923312016458

Pakistan

5:50

0.960

7/4/12 17:01

923312016458

Pakistan

4:29

0.820

7/2/12 12:18

923316338929

Pakistan

3:28

0.670

Of course, Skype wouldn't reimburse me nor would they tell me if they were looking into this security breach. Blame the victim. Must be my fault.